Related posts

See how RangeForce can help your team hone their cyber security skills, train up new team members, and make running blue/red team exercises a snap! 

Request a Demo

RangeForce Content Rewind | July 2021

28 July, 2021

Welcome to the RangeForce Content Rewind. In July, we added 23 modules to the RangeForce platform to continue supporting your cybersecurity training needs.
With all-new training being added to the RangeForce platform each week, we wanted to take a moment and highlight some of the new modules available on the platform.

Take a look at the list below to get acquainted with our top additions from the past month. Be sure to give our new modules a try and let us know what you think!

New Training Modules

Persistence Challenge | Learners are provided small networks including both a Splunk instance and a production Linux server. Malicious actors are hinted to be logging onto the server, leading users to analyze logs to analyze harmful activity. This challenge is available in three parts, from foundational to expert training.

Windows – WMI Exercise | WMI, as a part of the Windows operating system, can ease the role of a system administrator while also making it easier for malicious individuals to compromise your system. In this module, learners will review WMI-related incidents and determine whether activities were negative or not.

Accessibility Features Introduction | An intermediate level introduction to how Microsoft Windows accessibility features work and how attackers can manipulate them. Users will be asked to identify legitimate and illegitimate uses of Windows accessibility features.

Accessibility Features Detection | Following up from the Introduction, this advanced module continues focusing on accessibility features available in Windows systems to assist people with disabilities. Since threat actors do still have the capability to modify these programs to establish themselves, users will review the “sticky keys” feature as an option for attackers to use.

Windows – Elastic: Winlogbeat - Installation | In this module, learners are given a task to install Winlogbeat, an Elastic Beat for Windows events and logs, onto workstations. Users will learn how to install and configure Winlogbeat to the Elastic Stack.

Elastic: Winlogbeat – Log Analysis | This instance calls for Learners to investigate an issue involving workstations working incorrectly for the Sales department, which must be investigated using Winlogbeat. Learners will further their knowledge using the tool and analyzing Windows logs on Kibana.

Elastic: Filebeat | Users are asked to help gain an overview of what is happening with the Commensurate Technology web server. In the process, Learners will learn more about Elastic, specifically the Filebeat setup and configuration.

Elastic: Packetbeat - Installation | Packetbeat is a lightweight network packet analyzer which sends data from hosts and containers to Logstash or Elasticsearch. Learners will be given a task to set this tool up on the main website of their company, allowing them to understand Packetbeat’s configuration.

Elastic: Packetbeat – Log Analysis | In this module, the traffic to a company’s website has spiked and sensitive information has been released to the public. Learners will be asked to analyze network traffic logs generated by Packetbeat on Kibana.

Java Reverse Engineering | Learn how to reverse engineer Java applications, keeping in mind Java is one of the most popular programming languages in the world.

APK Reverse Engineering | Users will pull an app from an Android device and reverse engineer it to obtain the key and understand the verification process.

Manage Risks Related to IoT Device Operating Systems and Firmware | Gain knowledge on the challenges associated with the security of lightweight operating systems and programs that run on IoT devices to prevent these from creating an insecure environment.

Additional Modules

Additional modules added in the last month include Stack Frames, Promoting Physical Security, Examining Processes with Volatility, Ansible: Playbooks, Process Injection (Process Hollowing) Introduction, CVE-2021-34527, Accessibility Features Exercise, Access Token Manipulation Introduction, and Ansible: Inventory.

As RangeForce adds new content, we also make platform enhancements to improve the experiences of our Learners and Admins. Our user feedback is critical to these changes. Here’s a few highlights from the past month that we’d like to share with you:

  • Admins can now view their Members, Teams, and Licenses all within the Organization tab.
    • Members includes a list of all users, as well as each individual’s role(s) and team(s).
    • Teams provides an overview of those which are currently active, including the Admins and Learners included in each one.
    • Licenses exhibits the status, number of available seats, and expiration date for each production account.
  • Admins now have the ability to assign training plans to either an entire Team or individual Learners. Training plans can still include full courses as well as individual modules with or without a due date. Training plans are a great way to engage users in our wide range of content.

If you’re interested in learning more about the RangeForce platform or seeing our full course catalog, request a demo here or contact our sales team at sales@rangeforce.com.

Up Next

The Cost of Connectivity: Tackling IoT’s Unique Security Challenges

2 September, 2021

Read More

Helping Enterprises Build Cyber Resiliency

11 February, 2021

Read More

Up Next

  • The Cost of Connectivity: Tackling IoT’s Unique Security Challenges

    2 September, 2021

    Read More
  • Helping Enterprises Build Cyber Resiliency

    11 February, 2021

    Read More